From: Aleš Date: Mon, 10 Jan 2022 16:23:57 +0000 (+0100) Subject: datamodel: logging: dnstap config added X-Git-Tag: v6.0.0a1~58 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a1739adb7c99c24d2e88fb87790ec50f0118c42c;p=thirdparty%2Fknot-resolver.git datamodel: logging: dnstap config added --- diff --git a/manager/knot_resolver_manager/datamodel/logging_config.py b/manager/knot_resolver_manager/datamodel/logging_config.py index 373726a24..b43ee152e 100644 --- a/manager/knot_resolver_manager/datamodel/logging_config.py +++ b/manager/knot_resolver_manager/datamodel/logging_config.py @@ -1,8 +1,8 @@ -from typing import List, Optional +from typing import List, Optional, Union from typing_extensions import Literal, TypeAlias -from knot_resolver_manager.datamodel.types import TimeUnit +from knot_resolver_manager.datamodel.types import CheckedPath, TimeUnit from knot_resolver_manager.utils import SchemaNode LogLevelEnum = Literal["crit", "err", "warning", "notice", "info", "debug"] @@ -57,6 +57,23 @@ LogGroupsEnum: TypeAlias = Literal[ ] +class DnstapSchema(SchemaNode): + """ + Logging DNS queries and responses to a unix socket + + --- + unix_socket: The unix socket file where dnstap messages will be sent. + log_queries: If true queries from downstream in wire format will be logged. + log_responses: If true responses to downstream in wire format will be logged. + log_tcp_rtt: If true TCP RTT (Round-trip time) will be logged. + """ + + unix_socket: CheckedPath + log_queries: bool = True + log_responses: bool = True + log_tcp_rtt: bool = True + + class DebuggingSchema(SchemaNode): assertion_abort: bool = False assertion_fork: TimeUnit = TimeUnit("5m") @@ -71,9 +88,11 @@ class LoggingSchema(SchemaNode): target: Logging stream target for all processes. groups: List of groups for which 'debug' logging level is set. debugging: Advanced debugging parameters for Knot Resolver daemon (kresd). + dnstap: Logging DNS requests and responses to a unix socket. """ level: LogLevelEnum = "notice" target: Optional[LogTargetEnum] = None groups: Optional[List[LogGroupsEnum]] = None + dnstap: Union[Literal[False], DnstapSchema] = False debugging: DebuggingSchema = DebuggingSchema() diff --git a/manager/knot_resolver_manager/datamodel/templates/logging.lua.j2 b/manager/knot_resolver_manager/datamodel/templates/logging.lua.j2 index 62b56f197..0fb2fb123 100644 --- a/manager/knot_resolver_manager/datamodel/templates/logging.lua.j2 +++ b/manager/knot_resolver_manager/datamodel/templates/logging.lua.j2 @@ -17,9 +17,21 @@ log_groups({ }) {% endif %} +{% if cfg.logging.dnstap -%} +-- logging.dnstap +modules.load('dnstap') +dnstap.config({ + socket_path = '{{ cfg.logging.dnstap.unix_socket }}', + client = { + log_queries = {{ 'true' if cfg.logging.dnstap.log_queries else 'false' }}, + log_responses = {{ 'true' if cfg.logging.dnstap.log_responses else 'false' }}, + log_tcp_rtt = {{ 'true' if cfg.logging.dnstap.log_tcp_rtt else 'false' }} + } +}) +{%- endif %} + -- logging.debugging.assertion-abort debugging.assertion_abort = {{ 'true' if cfg.logging.debugging.assertion_abort else 'false' }} -- logging.debugging.assertion-fork debugging.assertion_fork = {{ cfg.logging.debugging.assertion_fork.millis() }} -